Sanehiro Furuichi

Sanehiro Furuichi, Yamato-Shi JP

Patent application number

Description

Published

20110087770

System for Indicating to Network User the Cost of Service Provided to Each Device on Network - Managing printer and copier server units connected to a network by enabling the user of a personal computer connected to the network to know print costs depending on the environmental load. Server units provide document print and copy services to each network connected client unit, typically personal computers. The server units can operate in any of several operational states, including for example, a standby state, a sleep state and a run state. Upon receiving a service request from the client unit, a management unit estimates the change in operational state for each connected server unit, assigns a priority to the various server units based on the estimated operational state changes, and provides the information for selection by the user requesting the print or copy service.

04-14-2011

Sanehiro Furuichi, Kanagawa JP

Patent application number

Description

Published

20110087905

Changing Operating State of a Network Device on a Network Based on a Number of Users of the Network - Object To control a network printer such that, when the number of active user computers in the vicinity of the network printer is large, the network printer is set in a standby state and, when that number is small, the network printer is powered off to achieve reduced office power consumption. Solution A method for managing a first unit and one or more other units connected to the first unit over a network is provided. The method includes (i) detecting, by a management unit, an operating state of the other units positioned within a specific range from the first unit on the basis of a location of each of the first and other units over the network, the operating state including at least an operating state at which a service request is capable of being transmitted to the first unit. The method further includes (ii) transmitting, by the management unit, to the first unit, an instruction to change an operating state of the first unit depending on a number of the other units being in the detected operating state at which the service request is capable of being transmitted.

04-14-2011

20110296426

METHOD AND APPARATUS HAVING RESISTANCE TO FORCED TERMINATION ATTACK ON MONITORING PROGRAM FOR MONITORING A PREDETERMINED RESOURCE - Exemplary embodiments include a method and system having resistance to a forced termination attack on a monitoring program for monitoring a predetermined resource. Aspects of the exemplary embodiment include a device that executes a predetermined process including a monitoring program that monitors a predetermined resource, wherein the predetermined process is a process for which the predetermined resource becomes unavailable in response to termination of the predetermined process; a program starting unit for starting the monitoring program in response to an execution of the predetermined process; and a terminator for terminating the predetermined process in the case where the monitoring program is forcibly terminated from the outside.

12-01-2011

20120069406

DETERMINING SCAN PRIORITY OF DOCUMENTS - When a group of documents are received, the scan priority of the documents may be determined, according to one embodiment, by acquiring contexts about each of the documents and calculating a scan priority of each of the documents according to a combination of the contexts of the document. Then, each of the documents may be stored to a queue corresponding to the scan priority of the document, such that documents stored in a higher priority queue are processed before documents stored to a lower priority queue. Also, a confidentiality label may be assigned to each of the documents, starting with the documents in the highest priority queue first, based on content acquired from each of the individual documents.

03-22-2012

20120072969

DETERMINING A SENSITIVITY LABEL OF DOCUMENT INFORMATION IN REAL TIME - A sensitivity label for document information in a document may be determined in real time, according to one embodiment, by flexibly and dynamically determining a sensitivity label for the document based on content included in information within the document. Information within a document varies from day to day, for example, document information may decrease in importance with time, increase in importance due to an event, etc. Therefore, the sensitivity label of the document, according to embodiments described herein, may also change dynamically in accordance with document content, information, etc.

03-22-2012

20120151165

Data protection technique that protects illicit copying of data Maintained in data storage - A data protection program for protecting data to be processed by an application, and a computer including volatile storage means and nonvolatile storage means performs a volatile file unpack function of writing, to the nonvolatile storage means, data corresponding to a data file to be read or written by the application so that the data is associated with the data file; and a volatile file repackage function of outputting the data file corresponding to the data written to the volatile storage means.

06-14-2012

20120166737

Information Processing Apparatus, Data Duplication Method, Program, and Storage Medium - An enhanced security protection in data duplication using a shared storage area is provided. Specifically, an information processing apparatus, in which one or more applications operate, includes a copy-operation monitoring portion that acquires copy data that the copy source application issues an instruction to copy to a general-purpose shared memory, sets a lifetime interpreted from an operation pattern via an input device for the copy data, and then stores the copy data in a storage area; a display portion that displays, on a display, a paste candidate selected from one or more items of copy data stored in the storage area; a paste-operation monitoring portion that transfers the paste candidate read from the storage area to the paste destination application in response to a confirmation operation via the input device; and an erasing portion that erases, from the storage area, copy data that has become unpermitted to remain because the lifetime has expired.

06-28-2012

20120167198

Resource Protection from Unauthorized Access Using State Transition Histories - A resource protection program, apparatus, and method for protecting resources to be processed on a computer. The resource protection program causes a computer to implement: a preparatory function as a function for preparing multiple defined state transition histories and multiple defined actions, both of which are associated with each other, wherein each of the defined state transition histories defines a state transition history of the computer upon execution of predetermined access to a predetermined resource, and each of the defined actions defined to be executable when a transition is made from a defined state to the next defined state; and an action execution function for selecting, upon execution of the real access to the real resource, a defined action associated with a marched defined state transition history from among one or more defined actions to execute die defined action selected.

06-28-2012

20120167216

METHOD AND APPARATUS HAVING RESISTANCE TO FORCED TERMINATION ATTACK ON MONITORING PROGRAM FOR MONITORING A PREDETERMINED RESOURCE - Exemplary embodiments include a method and system having resistance to a forced termination attack on a monitoring program for monitoring a predetermined resource. Aspects of the exemplary embodiment include a device that executes a predetermined process including a monitoring program that monitors a predetermined resource, wherein the predetermined process is a process for which the predetermined resource becomes unavailable in response to termination of the predetermined process; a program starting unit for starting the monitoring program in response to an execution of the predetermined process; and a terminator for terminating the predetermined process in the case where the monitoring program is forcibly terminated from the outside.

06-28-2012

20120210080

Data Protection Technique that Protects Illicit Copying of Data Maintained in Data Storage - A data protection program for protecting data to be processed by an application, and a computer including volatile storage means and nonvolatile storage means performs a volatile file unpack function of writing, to the nonvolatile storage means, data corresponding to a data file to be read or written by the application so that the data is associated with the data file; and a volatile file repackage function of outputting the data file corresponding to the data written to the volatile storage means.

08-16-2012

20120218276

Image Data Transmission Apparatus and Method for Image Display System - An image display system comprises: a transmission device (PC), for transmitting image data upon receiving a drawing command from an OS or an application; and a receiving monitor, for displaying, on a high-resolution panel, image data received via a monitor cable, wherein the transmission device includes a drawing command analysis device, for detecting an area on a screen wherein the content is changed by the drawing command, and for employing the detected area to calculate an area to be transmitted, and a graphics card, for transmitting a packet that includes the calculated area to be transmitted, and control data provided as header data for the area to be transmitted, and wherein the receiving monitor includes a packet reception device, for analyzing the header data in the received packet and for, based on the header data, rendering image data in an internally provided frame memory.

08-30-2012

20130007469

SECURELY MANAGING THE EXECUTION OF SCREEN RENDERING INSTRUCTIONS IN A HOST OPERATING SYSTEM AND VIRTUAL MACHINE - Provided are a computer readable storage medium, computer apparatus, and method for securely managing the execution of screen rendering instructions in a host operating system and virtual machine. A first rendering instruction hooking section is set to a first mode to hook a screen rendering instruction issued by a virtual machine application in a virtual machine. A second rendering instruction hooking section is set to a second mode to hook instructions issued by the virtual machine application. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the first mode to produce illegible output. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the second mode. The encrypted hooked screen rendering instruction encrypted in the second mode are issued to a host operating system to decrypt.

01-03-2013

Patent applications by Sanehiro Furuichi, Kanagawa JP

Sanehiro Furuichi, Yamato JP

Patent application number

Description

Published

20100250963

EXTERNAL STORAGE DEVICE, AS WELL AS METHOD, PROGRAM AND INFORMATION PROCESSING APPARATUS FOR PROCESSING DATA STORED IN EXTERNAL STORAGE DEVICE - An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period.

09-30-2010

20120265999

PROCESSING DATA STORED IN EXTERNAL STORAGE DEVICE - An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period.

10-18-2012

Sanehiro Furuichi, Tokyo JP

Patent application number

Description

Published

20080301754

Management of Mandatory Access Control For Graphical User Interface Applications - Granular policy management is provided based upon an active status of a process and the display status of an associated visual display. A policy is constructed and applied to a process by a combination of individual control policy parameters associated with the status of a process or a graphical user interface. Each active policy is dynamically adjusted in response to a change in at least one policy condition.

12-04-2008

20090064312

SYSTEM, METHOD AND PROGRAM FOR PROTECTING INFORMATION ON COMPUTER SCREEN - Whenever a drawing command is executed, a computer system having a graphic user interface such as a multi-window system determines, from the logical operation pattern of the drawing command, what kind of information is inherited by a drawing result from the drawing command, preferably without performing a complicated step such as an image process. At the same time, the computer system controls information flow of an image outputted to a screen by managing labeled area maps which correspond one to one to images on the screen and in a memory.

03-05-2009

20090150824

MULTIWINDOW SYSTEM, SECURITY PROTECTION METHOD, AND SECURITY PROTECTION PROGRAM FOR MULTIWINDOW SYSTEM - Security levels and positional information in the Z-axis direction (Z-order) of windows on the screen with a limitation. A program that is assigned a low security level cannot become higher than a program that is assigned a high security level in the Z-axis direction. In addition, a restriction is imposed on information flow via a clipboard and a window message from a higher program to a lower program in the Z-axis direction. The security levels are managed on the window basis according to attributes of files to be accessed or documents to be displayed. The display state of each window in the desktop is dynamically controlled depending on the security level of the window on which a user actually performs operation. The visual states of system resources such as printers and drives are controlled in accordance with the assigned security level.

06-11-2009

20100071034

SYSTEM FOR PREVENTING UNAUTHORIZED ACQUISITION OF INFORMATION AND METHOD THEREOF - A system including a server apparatus executes an application program and a client apparatus enabling a user to utilize the application program by communicating with the server apparatus based on an instruction of the user. The server apparatus includes: an output detection section for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shares area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data. The client apparatus includes: a reading detection section for detecting reading-processing which is processing of reading data from the shared area; and a reading control section which reads the instruction information from the shared area in response to the detection of the reading-processing, and which acquires the output data by the acquisition method specified by the instruction information.

03-18-2010

20120072376

OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client.

03-22-2012

20120166442

CATEGORIZING DATA TO PERFORM ACCESS CONTROL - Systems and methods categorize data to perform access control. A system receives first data, where the first data comprises at least a portion of data to be categorized. The system analyzes the first data to determine Whether the first data belongs to a first category. If the first data belongs to a first category, the system applies a first access control set to actions on the data to be categorized. Further, if one or more of the actions on the data to be categorized has an access control status of pending after applying the first access control set, the system receives second data, where the second data comprises at least a portion of data to be categorized. The system analyzes the second data to determine whether the second data belongs to a second category. If the second data belongs to a second category, the system applies a second access control set to at least one of the actions having the access control status of pending.

06-28-2012

20120215591

OPTIMIZING A PRINTER SYSTEM IN CONSIDERATION OF ENVIRONMENTAL LOAD - A print server selects a printer system to execute a print job received from a client, the printer system selected from among a plurality of printer systems connected to the network, the print server comprising a basic information acquiring section that acquires, at predetermining timing, unit price calculation basic information on printer systems in operation including at least information on environmental load information from at least one of the plurality of printer systems and external computers, a unit price calculating section that calculates a print unit price for each printer system based on the acquired unit price calculation basic information, a storage section that stores the calculated unit price in association with identification information for identifying the printer system and a sending section that sends the print unit prices and the identities of the printer systems associated with the calculated unit prices to the client.

08-23-2012

20130031354

SYSTEM FOR PREVENTING UNAUTHORIZED ACQUISITION OF INFORMATION AND METHOD THEREOF - A server apparatus includes: an output detector for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shared area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data. The client apparatus includes: a reading detection section for detecting reading-processing which is processing of reading data from the shared area; and a reading control section which reads the instruction information from the shared area in response to the detection of the reading-processing, and which acquires the output data by the acquisition method specified by the instruction information.

01-31-2013

20130145459

Information Processing Device, Control Method and Program - An information processing device, control method and program that suppresses security risks to a minimum. When power is activated, a control component starts by reading a first program from a first memory component and, in observance of the first memory program, it reads the identification information of an authentication device that is mounted to a mounting component, references a table T, and performs authentication processing for the authentication device, with the condition that the count value correspondingly listed for the identification information of the authentication device be larger than a prescribed value and, when authentication processing has succeeded, starts by reading the second program from a second memory component, and in the event that the authentication device continues to be mounted to the mounting component during executing the second program, decreases the table count value corresponding to the unique identification information of the authentication device.

06-06-2013

20130219462

GENERATING A DISTRUBITION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT - A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client.

08-22-2013

20130226965

Acquiring Customized Information from a Server - A mechanism is provided for acquiring information from a server based on search condition input by a search performing user and communication results with other information terminals. Input search conditions are received from a search performing user. Communication is performed with other information terminals. A search request is transmitted to the server based on the input search conditions and the communication results from the other information terminals. Information is received from the server that matches input search results and the communication results. The acquired information is customized based the communication results with the other information terminals. The customized information is then displayed on the information terminal.

SECURITY-MINDED CLONING METHOD, SYSTEM AND PROGRAM - In order to solve this problem, the first aspect of the present invention is a system for duplicating (cloning) a physical environment in a virtual environment using CMDB, the system comprising: means for setting a level of confidentiality for attributes of configuration items (CI) of CMDB managing the source hardware information and software information, and means for sending CMDB information including CI having the level of confidentiality set to a virtual environment constructing means connected via a network; the virtual environment constructing means having a means for constructing the source environment in a virtual environment based on sent CMDB information; and the sending means having a means for changing the level of confidentiality of CI attributes having the level of confidentiality set in accordance with a default confidentiality policy.

02-06-2014

20140130183

Managing Confidential Information - An information processing apparatus, method, and program product for appropriately setting confidentiality of a target electronic document even when copied data is pasted into a document from an electronic document including confidential information, without limiting replication from an electronic document including confidential information depending on attributes of the target electronic document. Also provided is an information processing apparatus, method and program product that saves content data specified by the user and a label indicating the confidentiality of the electronic document including the content data in a clipboard; pastes the user-specified content data to a target electronic document; temporarily saves the label for the electronic document including the user-specified content data in a data table which stores electronic document labels, as a label for the target electronic document; checks the confidentiality of the target electronic document; and establishes or deletes the temporarily saved label.

05-08-2014

20140150085

USER AUTHENTICATION BASED ON A USER'S OPERATION ON A DISPLAYED THREE-DIMENSIONAL MODEL - An authentication device authenticates a user based on a user's operation. The authentication device comprises a display control unit, an operation input unit, and an authentication unit. The display control unit is a processor-based logic that displays a three-dimensional model on a display device. The operation input unit is a hardware unit that inputs a user's operation on the displayed three-dimensional model. The authentication unit is a processor-based logic that authenticates the user based on the user's operation, wherein the user's operation comprises a change operation of at least one of a position and posture of the three-dimensional model having been input from the user.

05-29-2014

20140289204

EXECUTING A FILE BACKUP PROCESS - A technique to execute a backup process efficiently when an identical file is owned by multiple persons in order to decrease storage capacity and traffic volume requirements. In a backup system including a backup execution terminal, backup destination terminals, and a management server, the backup execution terminal executes a deemed backup process for deeming the file identical to the target file and owned on the backup destination terminals to be a backup duplicate of the target file, or an actual backup process for sending the target file to the management server, each of the backup destination terminals stores the backup execution terminal and the file identical to the target file in association with each other at the time of the deemed backup, and the management server stores the target file sent from the backup execution terminal at the time of the actual backup.

09-25-2014

Patent applications by Sanehiro Furuichi, Tokyo JP

Sanehiro Furuichi, Kanagawa-Ken JP

Patent application number

Description

Published

20090327617

Shared Object Control - Methods, systems, and computer program products for controlling information read/write processing. The method includes assigning a plurality of division areas to a shared storage area for storing a shared object: specifying a division area used for read/write processing in accordance with user identification information for identifying a user; and executing the read processing for reading information from a specified division area and the write processing for writing information to the specified division area. The shared object is shared among a plurality of processes.